This reposistory contains the data collection and analysis code used in the paper "Sticky Fingers: Resilience of Satellite Fingerprinting Systems against Jamming Attacks".
This work uses the SatIQ
system from the paper "Watch This Space: Securing Satellite Communication through Resilient Transmitter Fingerprinting", evaluating the resilience of the system against jamming attacks - the repo for this system can be found at https://github.com/ssloxford/SatIQ.
Additional materials:
- Paper (arXiv preprint): https://arxiv.org/abs/2402.05042
- Dataset: https://zenodo.org/record/10678124
- "Watch This Space" paper (arXiv preprint): https://arxiv.org/abs/2305.06947
- SatIQ model weights: https://zenodo.org/record/8298532
When using this data, please cite the following paper: "Sticky Fingers: Resilience of Satellite Fingerprinting Systems against Jamming Attacks". The BibTeX entry is given below:
@inproceedings{smailesSticky2024,
author = {Smailes, Joshua and Salkield, Edd and K{\"o}hler, Sebastian and Birnbach, Simon and Strohmeier, Martin and Martinovic, Ivan},
title = {{Sticky Fingers}: {Resilience of Satellite Fingerprinting against Jamming Attacks}},
year = {2024},
booktitle = {Workshop on the Security of Space and Satellite Systems (SpaceSec)},
location = {San Diego, USA},
series = {SpaceSec '24}
}
If using the SatIQ
model, please cite the following paper: "Watch This Space: Securing Satellite Communication through Resilient Transmitter Fingerprinting".
The BibTeX entry is given below:
@inproceedings{smailesWatch2023,
author = {Smailes, Joshua and K{\"o}hler, Sebastian and Birnbach, Simon and Strohmeier, Martin and Martinovic, Ivan},
title = {{Watch This Space}: {Securing Satellite Communication through Resilient Transmitter Fingerprinting}},
year = {2023},
publisher = {Association for Computing Machinery},
booktitle = {Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security},
location = {Copenhagen, Denmark},
series = {CCS '23}
}
To clone the repository:
git clone --recurse-submodules https://github.com/ssloxford/SatIQ-noise.git
cd SatIQ-noise
A Docker container is provided for ease of use, with all dependencies installed. A recent version of Docker must be installed on your system to use this.
To run scripts locally, the following packages are required:
python3
The following Python packages are also required:
numpy
matplotlib
pandas
keras
h5py
zmq
tqdm
tensorflow
tensorflow-datasets
tensorflow-addons==0.13.0
scipy
seaborn
scikit-learn
notebook
A GPU is recommended (with all necessary drivers installed), although not required to run the model.
The full dataset is stored on Zenodo at the following URL: https://zenodo.org/record/10678124.
These can be downloaded from the site directly, but the following script may be preferable due to the large file size:
#!/bin/bash
for i in $(seq 0 32); do
wget https://zenodo.org/records/10678124/files/${i}.tar.gz
done
Warning
These files are large (45GB total). Ensure you have enough disk space before downloading.
To extract the files:
#!/bin/bash
for i in $(seq 0 32); do
tar xzf ${i}.tar.gz
done
See the instructions below on processing the resulting files for use.
The script tf-container.sh
provides a Docker container with the required dependencies for analysis.
Run the script from inside the repository's root directory to ensure volumes are correctly mounted.
If your machine has no GPUs:
- Modify
Dockerfile
to use thetensorflow/tensorflow:latest
image. - Modify
tf-container.sh
, removing--gpus all
.
See the main SatIQ repository for documentation and examples of the SatIQ
system.
The data-collection
directory contains a docker-compose
pipeline to receive signals from an SDR, extract Iridium messages, and save the data to a database file, while adding noise from a different SDR.
To run under its default configuration, connect a USRP N210 (via Ethernet) and a BladeRF (via USB) to the host machine, and run the following (from inside the data-collection
directory):
./autorun.sh
Data will be stored in data/noise
.
If different SDRs are used, the iridium_extractor
configuration may need to be altered.
Change the docker-compose.yml
to ensure the device is mounted in the container, and modify iridium_extractor/iridium_extractor.py
to use the new device as a source.
The analysis
directory contains Jupyter notebooks for processing the data and producing the plots and numbers used in the paper.
The notebooks may be opened without running to see the results in context, or executed to reproduce the results.
The TensorFlow Docker container should contain all the required dependencies to run the notebooks. See Setup for requirements to run outside docker.
Note that these may require a large amount of RAM. A GPU is also recommended.
The notebooks contain the following:
jamming.ipynb
contains the evaluation of jamming Iridium messages.plots-data.ipynb
contains plots relating to the raw data (amount, distribution, etc).plots-models.ipynb
contains the code for running theSatIQ
model on the data.
Important
The plots-models.ipynb
notebook expects the trained model weights to be located in data/models/ae-triplet-final.h5
.
This can be downloaded from https://zenodo.org/record/8298532.
This code and dataset have been made public to aid future research in this area. However, this reposistory is no longer actively developed. Any contributions (documentation, bug fixes, etc.) should be made as pull requests, and may be accepted.